Sudden Increase in Git Config Scanning: Nearly 5,000 IPs Crawling the Internet for Exposed Config Files
CybersecurityGitConfigFilesInternetScanningReddit
A Reddit post reports a sudden increase in the number of IPs scanning the internet for exposed .git/config files, reaching nearly 5,000 IPs. It advises ensuring that .git/ directories are not accessible via public web servers, blocking access to hidden files and directories in web server configurations, monitoring logs for repeated requests to .git/config and similar paths, and rotating any credentials exposed in version control history.